Login Credentials Failing
-
@steveits I did think of that but viewing the password it appears 100%.
-
@stormgate Still brainstorming, try default “pfsense”
Do you have a saved config export to look at? IiRC it’s not encrypted there…
-
@steveits I will take a look tomorrow at work. Thanks
-
@steveits So I do have a backup on my local PC, I don't seem to have my emergency account listed but that was a last minute thing so probably just didn't update my backup. Now the account I was trying is listed but obviously cannot see the password as its a hash.
-
@stormgate Yeah, looks like it’s all other passwords that are base64.
One can reset it via console but obviously you’d need hands.
https://docs.netgate.com/pfsense/en/latest/troubleshooting/locked-out.html -
@steveits I'm really starting to feel defeated. So I ran the hash against the password I have written down and it came back a mismatch, which I do not know if that procedure is 100% accurate because it makes zero sense. I used this user/password combo for almost 6 weeks straight till boxing. I had a staff person connect a laptop to LAN1 on the Netgate and then ran the USB to micro USB and got that installed. I was able to connect thru Putty but credentials didn't work but also Putty just crashes after about 45-60 secs anyway. The only logical thing I can think of and guessing now is the equipment was scanned going across the border and maybe f'd things up, I'm just at a loss right now. This is my first pfsense device and more familiar with traditional firewalls like Sophos XG or Junipers so really feeling the pressure and honestly, quite embarrassed I have let them down at this point.
-
@stormgate Hmm. Not sure either. I've used Putty a few times without issue on various models. There is a config history...was the password ever something else between the default/new and the one you used?
In https://docs.netgate.com/pfsense/en/latest/troubleshooting/locked-out.html#forgotten-password-with-a-locked-console there is the process to reset it but not sure you can do two boots in 45 seconds.
-
Mmm, that's odd. If the config was damaged or it wasn't booting correctly I'd be very surprised that you can still login using VPN.
Does that VPN have user login or is it cert only? Can you login using that user?Are you logins being refused at the gui and via SSH?
How is putty failing?
Steve
-
@stephenw10 said in Login Credentials Failing:
If the config was damaged or it wasn't booting correctly I'd be very surprised that you can still login using VPN
That was my thought process. Sounds like it behaves as if only the password changed.
@StormGate Are you using "admin"? You mentioned an emergency account which is presumably a different user.
It's not pretty but if the person on site can't get the password reset, there's always format/reinstall/restore. Though, that's more complicated than the password reset process.
-
@steveits Update you guys, I got in! I took a break and thought let me try my the account again, I did make as emergency access only. Now the password was crazy so sometime an "l" may look like a one or vice versa, I decided to copy my credentials in a txt file and send thru my remote session and did a copy paste and got in. I immediately reapplied my own admin account, with the password and before rebooting, I took a backup of the updated system. I am able to get in under both my accounts now. The default "admin" I had disabled out of the gate in lieu of my custom admin accounts.
-
@stormgate Nice! Yeah copy/paste solves most things like that, though I did get caught once where it was copying the bullet point in front of the text. :(
You may find cases where “admin” is needed. I know it’s always used for HA config sync even though the page has a field for what username to use. At least, last I knew.
-
@steveits Thank you so much Steve for thinking outside the box and replying back, very nice of to go out of your way.
